areguera / rpms / ipa

Forked from rpms/ipa 5 years ago
Clone

Blame SOURCES/0150-ipapython.ipautil.run-Add-option-to-set-umask-before.patch

483b06
From 68d97e2beca1ee3b398fc5f0d3ed70aa8b69e732 Mon Sep 17 00:00:00 2001
483b06
From: David Kupka <dkupka@redhat.com>
483b06
Date: Tue, 11 Apr 2017 17:35:30 +0200
483b06
Subject: [PATCH] ipapython.ipautil.run: Add option to set umask before
483b06
 executing command
483b06
483b06
https://pagure.io/freeipa/issue/6831
483b06
483b06
Reviewed-By: Stanislav Laznicka <slaznick@redhat.com>
483b06
Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
483b06
---
483b06
 ipapython/ipautil.py | 43 +++++++++++++++++++++++--------------------
483b06
 1 file changed, 23 insertions(+), 20 deletions(-)
483b06
483b06
diff --git a/ipapython/ipautil.py b/ipapython/ipautil.py
483b06
index cd66328e6c9a0f69e6f83582a9d288ac239c5be3..317fc225b722ad3ce2f4b9d92822b4f19d49adb9 100644
483b06
--- a/ipapython/ipautil.py
483b06
+++ b/ipapython/ipautil.py
483b06
@@ -309,7 +309,7 @@ class _RunResult(collections.namedtuple('_RunResult',
483b06
 def run(args, stdin=None, raiseonerr=True, nolog=(), env=None,
483b06
         capture_output=False, skip_output=False, cwd=None,
483b06
         runas=None, suplementary_groups=[],
483b06
-        capture_error=False, encoding=None, redirect_output=False):
483b06
+        capture_error=False, encoding=None, redirect_output=False, umask=None):
483b06
     """
483b06
     Execute an external command.
483b06
 
483b06
@@ -345,6 +345,7 @@ def run(args, stdin=None, raiseonerr=True, nolog=(), env=None,
483b06
         error_output, and (if it's not bytes) stdin.
483b06
         If None, the current encoding according to locale is used.
483b06
     :param redirect_output: Redirect (error) output to standard (error) output.
483b06
+    :param umask: Set file-creation mask before running the command.
483b06
 
483b06
     :return: An object with these attributes:
483b06
 
483b06
@@ -416,25 +417,27 @@ def run(args, stdin=None, raiseonerr=True, nolog=(), env=None,
483b06
     root_logger.debug('Starting external process')
483b06
     root_logger.debug('args=%s' % arg_string)
483b06
 
483b06
-    preexec_fn = None
483b06
-    if runas is not None:
483b06
-        pent = pwd.getpwnam(runas)
483b06
-
483b06
-        suplementary_gids = [
483b06
-            grp.getgrnam(group).gr_gid for group in suplementary_groups
483b06
-        ]
483b06
-
483b06
-        root_logger.debug('runas=%s (UID %d, GID %s)', runas,
483b06
-            pent.pw_uid, pent.pw_gid)
483b06
-        if suplementary_groups:
483b06
-            for group, gid in zip(suplementary_groups, suplementary_gids):
483b06
-                root_logger.debug('suplementary_group=%s (GID %d)', group, gid)
483b06
-
483b06
-        preexec_fn = lambda: (
483b06
-            os.setgroups(suplementary_gids),
483b06
-            os.setregid(pent.pw_gid, pent.pw_gid),
483b06
-            os.setreuid(pent.pw_uid, pent.pw_uid),
483b06
-        )
483b06
+    def preexec_fn():
483b06
+        if runas is not None:
483b06
+            pent = pwd.getpwnam(runas)
483b06
+
483b06
+            suplementary_gids = [
483b06
+                grp.getgrnam(group).gr_gid for group in suplementary_groups
483b06
+            ]
483b06
+
483b06
+            root_logger.debug('runas=%s (UID %d, GID %s)', runas,
483b06
+                              pent.pw_uid, pent.pw_gid)
483b06
+            if suplementary_groups:
483b06
+                for group, gid in zip(suplementary_groups, suplementary_gids):
483b06
+                    root_logger.debug('suplementary_group=%s (GID %d)',
483b06
+                                      group, gid)
483b06
+
483b06
+            os.setgroups(suplementary_gids)
483b06
+            os.setregid(pent.pw_gid, pent.pw_gid)
483b06
+            os.setreuid(pent.pw_uid, pent.pw_uid)
483b06
+
483b06
+        if umask:
483b06
+            os.umask(umask)
483b06
 
483b06
     try:
483b06
         p = subprocess.Popen(args, stdin=p_in, stdout=p_out, stderr=p_err,
483b06
-- 
483b06
2.9.4
483b06